<?php

// Relative path to the site root.
// NOTE(review): presumably read by the files included below — confirm.
$rootdir = '../';
include_once('session.php');
include_once('users.php');
include_once('status.php');

// $desql is the shared database wrapper. It is not defined in this file, so it
// is expected to come from one of the includes above (TODO confirm which one).
// `global` at file scope only has an effect when this file is itself included
// from inside a function.
global $desql;
// Opens the connection as soon as this file is included; the return value of
// Connect() is not checked here.
$desql->Connect();

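/**
 * Inserts a new row into `orders` with status 0.
 *
 * Every text value is escaped with mysql_real_escape_string() and wrapped in
 * single quotes. The user id is the only caller-supplied value written into
 * the statement outside a quoted literal, so it is validated as an integer
 * before the query is built: escaping gives no protection in an unquoted
 * numeric position.
 *
 * NOTE(review): ext/mysql was removed in PHP 7 and this style of escaping
 * depends on the connection character set. If the $desql wrapper can expose
 * prepared statements, binding parameters would replace the manual quoting —
 * confirm what the wrapper supports.
 *
 * @param mixed  $Id_User                      Id of the ordering user; must be an integer.
 * @param string $Order                        Serialized order lines.
 * @param string $ClientNom                    Delivery last name.
 * @param string $ClientPrenom                 Delivery first name.
 * @param string $ClientAdresse1               Delivery address, line 1.
 * @param string $ClientAdresse2               Delivery address, line 2.
 * @param string $ClientCodePostal             Delivery postal code.
 * @param string $ClientVille                  Delivery city.
 * @param string $ClientPays                   Delivery country.
 * @param string $Commentaire                  Customer comment.
 * @param string $Token                        Transaction identifier.
 * @param mixed  $Frais_Port_AvantReduction    Shipping cost before reduction.
 * @param mixed  $Frais_Port_ApresReduction    Shipping cost after reduction.
 * @param mixed  $MontantPanier_AvantReduction Cart amount before reduction.
 * @param mixed  $MontantPanier_ApresReduction Cart amount after reduction.
 * @param string $Codepromo_Code               Promo code.
 * @param string $Codepromo_Type               Promo code type.
 * @param string $Codepromo_Param              Promo code parameter.
 *
 * @return bool true when the insert succeeded, false on an invalid user id or
 *              a failed query.
 */
function CreateOrder($Id_User, $Order, $ClientNom, $ClientPrenom, $ClientAdresse1, $ClientAdresse2, $ClientCodePostal,
						$ClientVille, $ClientPays, $Commentaire, $Token,
						$Frais_Port_AvantReduction, $Frais_Port_ApresReduction, $MontantPanier_AvantReduction, $MontantPanier_ApresReduction, 
						$Codepromo_Code, $Codepromo_Type, $Codepromo_Param)
{
	global $desql;

	// Reject anything that is not a plain integer before it reaches the SQL text.
	$idUser = filter_var($Id_User, FILTER_VALIDATE_INT);
	if($idUser === false)
		return false;

	$columns = 'id_user, `order`, status, '
			 . 'client_nom, client_prenom, client_adresse1, client_adresse2, '
			 . 'client_codepostal, client_ville, client_pays, commentaire, token, '
			 . 'frais_port_avantreduction, frais_port_apresreduction, '
			 . 'montantpanier_avantreduction, montantpanier_apresreduction, '
			 . 'codepromo_code, codepromo_type, codepromo_param';

	// Values in column order: validated id, quoted order, fixed initial status 0,
	// then every remaining column as an escaped, quoted string.
	$values = array($idUser, '\'' . mysql_real_escape_string($Order) . '\'', 0);

	$textValues = array(
		$ClientNom, $ClientPrenom, $ClientAdresse1, $ClientAdresse2,
		$ClientCodePostal, $ClientVille, $ClientPays, $Commentaire, $Token,
		$Frais_Port_AvantReduction, $Frais_Port_ApresReduction,
		$MontantPanier_AvantReduction, $MontantPanier_ApresReduction,
		$Codepromo_Code, $Codepromo_Type, $Codepromo_Param,
	);
	foreach($textValues as $text)
		$values[] = '\'' . mysql_real_escape_string($text) . '\'';

	$result = $desql->Query('INSERT INTO orders(' . $columns . ') VALUES(' . implode(', ', $values) . ')');

	return !($result == false);
}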

/**
 * Loads a single order by its id.
 *
 * The id is concatenated into the statement without quotes, so the
 * is_numeric() guard is what keeps non-numeric input out of the SQL text.
 *
 * @param mixed $ID Order id; anything is_numeric() rejects yields false.
 *
 * @return array|false The row as returned by mysql_fetch_array(), or false when
 *                     the id is not numeric, the query fails or no row matches.
 */
function GetOrderByID($ID)
{
	global $desql;

	if(!is_numeric($ID))
		return false;

	$result = $desql->Query('SELECT * FROM orders WHERE id=' . $ID);
	if($result == false)
		return false;

	$row = mysql_fetch_array($result);

	return $row ? $row : false;
}

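/**
 * Writes the editable columns of an order back to the `orders` table.
 *
 * `status` and `id` are placed in the statement without surrounding quotes.
 * mysql_real_escape_string() only neutralises characters that would break out
 * of a quoted literal, so it does not protect those two positions; both are
 * therefore validated as integers and the update is refused otherwise. All
 * other columns are escaped and quoted.
 *
 * NOTE(review): ext/mysql was removed in PHP 7; binding parameters through
 * prepared statements would replace this manual quoting if the $desql wrapper
 * supports it — confirm.
 *
 * @param array $order Order row keyed by column name; must contain integer
 *                     `id` and `status` values.
 *
 * @return mixed false when `id` or `status` is missing or not an integer,
 *               otherwise whatever $desql->Query() returns.
 */
function UpdateOrder($order)
{
	global $desql;

	if(!isset($order['id']) || !isset($order['status']))
		return false;

	$id = filter_var($order['id'], FILTER_VALIDATE_INT);
	$status = filter_var($order['status'], FILTER_VALIDATE_INT);
	if($id === false || $status === false)
		return false;

	// Text columns: escaped and wrapped in single quotes.
	$textColumns = array(
		'id_user', 'order', 'client_nom', 'client_prenom',
		'client_adresse1', 'client_adresse2', 'client_codepostal',
		'client_ville', 'client_pays', 'commentaire', 'token',
	);

	$assignments = array('status=' . $status);
	foreach($textColumns as $column)
		// Backticks are required for `order`, which is a reserved word.
		$assignments[] = '`' . $column . '`=\'' . mysql_real_escape_string($order[$column]) . '\'';

	return $desql->Query('UPDATE orders SET ' . implode(', ', $assignments) . ' WHERE id=' . $id);
}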

/**
 * Loads a single order by its transaction token.
 *
 * The token is escaped with mysql_real_escape_string() and placed inside a
 * single-quoted literal.
 *
 * @param string $token Transaction identifier stored with the order.
 *
 * @return array|false The row as returned by mysql_fetch_array(), or false when
 *                     the query fails or no row matches.
 */
function GetOrderByToken($token)
{
	global $desql;

	$quotedToken = '\'' . mysql_real_escape_string($token) . '\'';

	$result = $desql->Query('SELECT * FROM orders WHERE token=' . $quotedToken);
	if($result == false)
		return false;

	$row = mysql_fetch_array($result);

	return $row ? $row : false;
}

/**
 * Loads every order that belongs to one user.
 *
 * The user id is concatenated into the statement without quotes, so the
 * is_numeric() guard is what keeps non-numeric input out of the SQL text.
 *
 * @param mixed $IDUser User id; anything is_numeric() rejects yields false.
 *
 * @return array|false List of rows (possibly empty), or false when the id is
 *                     not numeric or the query fails.
 */
function GetOrdersByIDUser($IDUser)
{
	global $desql;

	if(!is_numeric($IDUser))
		return false;

	$result = $desql->Query('SELECT * FROM orders WHERE id_user=' . $IDUser);
	if($result == false)
		return false;

	$rows = array();
	while($row = mysql_fetch_array($result))
	{
		$rows[] = $row;
	}

	return $rows;
}

/**
 * Loads every row of the `orders` table.
 *
 * @param mixed $Max Accepted but never read: the query carries no LIMIT, so
 *                   all orders are returned whatever value is passed.
 *
 * @return array|false List of rows (possibly empty), or false when the query
 *                     fails.
 */
function GetAllOrders($Max)
{
	global $desql;

	$result = $desql->Query('SELECT * FROM orders');
	if($result == false)
		return false;

	$rows = array();
	while($row = mysql_fetch_array($result))
	{
		$rows[] = $row;
	}

	return $rows;
}

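/**
 * Builds the admin table that lists every order (number, date, status, link).
 *
 * Changes compared with the previous version:
 *  - only a failed query (strict false) is reported as an error; an empty
 *    order list used to compare equal to false and showed the error message;
 *  - every value taken from the database is HTML-escaped before it is written
 *    into the page, and the order id is URL-encoded inside the link;
 *  - the malformed closing tag `</td style=...>` is now a plain `</td>`.
 *
 * Rows are emitted with `display: none` and a `name` derived from the status;
 * presumably client-side script reveals them per status — confirm.
 *
 * @return string HTML fragment.
 */
function GetAdminOrdersHTMLContent()
{
	$orders = GetAllOrders(0);

	// An empty array means "no orders yet", not a failure.
	if($orders === false)
		return '<p style="color: red;">Une erreur est survenue</p>';
	
	$HTML = '<table style="font-size: 80%; width: 90%; margin: auto; margin-top: 20px;">
			<tr>
				<th style="width: 155px; border: 1px solid gray;">Num de commande</th>
				<th style="width: 176px; border: 1px solid gray;">Date de commande</th>
				<th style="width: 293px; border: 1px solid gray;">Statut</th>
				<th style="width: 87px; border: 1px solid gray;">Consulter</th>
			</tr>';		

	foreach($orders as $order)
	{
		// Escape once per row. UTF-8 is assumed because this file's own literals
		// and the mail it sends are UTF-8 — confirm the page charset.
		$id        = htmlspecialchars((string) $order['id'], ENT_QUOTES, 'UTF-8');
		$idInUrl   = htmlspecialchars(rawurlencode((string) $order['id']), ENT_QUOTES, 'UTF-8');
		$date      = htmlspecialchars((string) $order['date'], ENT_QUOTES, 'UTF-8');
		$status    = htmlspecialchars((string) $order['status'], ENT_QUOTES, 'UTF-8');
		$Statut    = htmlspecialchars((string) GetStatutById($order['status']), ENT_QUOTES, 'UTF-8');
		$textColor = htmlspecialchars((string) GetStatutTxtColorById($order['status']), ENT_QUOTES, 'UTF-8');
		$backColor = htmlspecialchars((string) GetStatutColorById($order['status']), ENT_QUOTES, 'UTF-8');
	
		$HTML .= '<tr style="display: none; color: ' . $textColor . ';background-color: ' . $backColor . ';" name="ligne_order_s' . $status . '">
				<td style="border: 1px solid gray;">
				' . $id . '
				</td>
				<td style="border: 1px solid gray;">
				' . $date . '
				</td>
				<td style="border: 1px solid gray;">
				' . $Statut . '
				</td>
				<td style="border: 1px solid gray; text-align: center;">
				<a href="?type=3&orderid=' . $idInUrl . '">Consulter</a>
				</td>
			</tr>';
	}
	
	$HTML .= '</table>';

	return $HTML;
}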

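/**
 * Builds the admin detail view of one order, followed by the form used to
 * change its status.
 *
 * The order row holds values that originate from the customer (delivery name
 * and address, comment, promo code, ...). They were previously written into
 * the admin page as-is, which lets stored markup run in the administrator's
 * browser. Every database value is now HTML-escaped before output.
 *
 * MettreEnFormeCommande() returns HTML markup, so its result is inserted
 * unchanged; escaping of the order lines has to happen inside that function.
 *
 * NOTE(review): the status form is a plain POST with no anti-CSRF token visible
 * in this function; the handler is outside this file's view — confirm that it
 * checks one.
 *
 * @param mixed $ID Order id, validated by GetOrderByID().
 *
 * @return string HTML fragment, or a "not found" paragraph when the order
 *                cannot be loaded.
 */
function GetAdminOrderByIDHTMLContent($ID)
{
	$HTML = '';
	$order = GetOrderByID($ID);
	
	if($order == false)
		return '<p style="margin-left: 20px; margin-top: 20px;">Cette commande n\'existe pas</p>';

	// Escaped copy of the row used for everything that is printed. UTF-8 is
	// assumed because this file's own literals are UTF-8 — confirm the page charset.
	$safe = array();
	foreach($order as $key => $value)
		$safe[$key] = htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
		
	$user = GetUserById($order['id_user']);
	if($user == false)
	{
		// A separate variable avoids writing an array index onto a false value.
		$mailCell = 'N\'existe plus';
	}
	else
	{
		$mailCell = '<a href="">' . htmlspecialchars((string) $user['mail'], ENT_QUOTES, 'UTF-8') . '</a>';
	}
		
	$HTML .= '
	<div id="cadre_admin_table_recaporder">
		<table style="font-size: 80%; width: 90%; margin-left: 20px; margin-top: 20px;">
			<tr>
				<th>Détails</th>
			</tr>
			<tr>
				<td>Num commande</td>
				<td>' . $safe['id'] . '</td>
			</tr>
			<tr>
				<td>Date</td>
				<td>' . $safe['date'] . '</td>
			</tr>
			<tr>
				<td>Client</td>
				<td>
					<table style="width: 100%; border-collapse: collapse;">
						<tr>
							<td>ID</td>
							<td>' . $safe['id_user'] . '</td>
						</tr>
						<tr>
							<td>Mail</td>
							<td>' . $mailCell . '</td>
						</tr>
					</table>
				</td>
			</tr>
			<tr>
				<td>Livraison</td>
				<td>
					<table style="width: 100%; border-collapse: collapse;">
						<tr>
							<td>Nom</td>
							<td>' . $safe['client_nom'] . '</td>
						</tr>
						<tr>
							<td>Prénom</td>
							<td>' . $safe['client_prenom'] . '</td>
						</tr>
						<tr>
							<td>Voie 1</td>
							<td>' . $safe['client_adresse1'] . '</td>
						</tr>
						<tr>
							<td>Voie 2</td>
							<td>' . $safe['client_adresse2'] . '</td>
						</tr>
						<tr>
							<td>Code postal</td>
							<td>' . $safe['client_codepostal'] . '</td>
						</tr>
						<tr>
							<td>Ville</td>
							<td>' . $safe['client_ville'] . '</td>
						</tr>
						<tr>
							<td>Pays</td>
							<td>' . $safe['client_pays'] . '</td>
						</tr>
					</table>
				</td>
			</tr>
			<tr>
				<td>Commande</td>
				<td>
					<table style="width: 100%; border-collapse: collapse;">
						<tr>
							<td>' . MettreEnFormeCommande($order['order'], true) . '</td>
						</tr>
						<tr>
							<td>
								<table style="width: 100%; border-collapse: collapse;">
									<tr>
										<td>Port avant reduction</td>
										<td>' . $safe['frais_port_avantreduction'] . '</td>
									</tr>
									<tr>
										<td>Port après reduction</td>
										<td>' . $safe['frais_port_apresreduction'] . '</td>
									</tr>
									<tr>
										<td>Montant panier avant reduction</td>
										<td>' . $safe['montantpanier_avantreduction'] . '</td>
									</tr>
									<tr>
										<td>Montant panier après reduction</td>
										<td>' . $safe['montantpanier_apresreduction'] . '</td>
									</tr>
									<tr>
										<td>Code promo</td>
										<td>' . $safe['codepromo_code'] . '</td>
									</tr>
									<tr>
										<td>Type du code</td>
										<td>' . $safe['codepromo_type'] . '</td>
									</tr>
									<tr>
										<td>Paramètre du code</td>
										<td>' . $safe['codepromo_param'] . '</td>
									</tr>
								</table>
							</td>
						</tr>
					</table>
				</td>
			</tr>
			<tr>
				<td>Commentaire du client</td>
				<td>' . $safe['commentaire'] . '</td>
			</tr>
			<tr>
				<td>Identificateur de transaction</td>
				<td>' . $safe['token'] . '</td>
			</tr>
		</table>
	</div>
	
	<br />
	<table style="margin-left: 20px;">
		<tr>
			<td>Statut de la commande :</td>
			<td><strong>' . htmlspecialchars((string) GetStatutById($order['status']), ENT_QUOTES, 'UTF-8') . '</strong></td>
		</tr>
	</table>
	<br />
	<form style="margin-left: 20px;" method="post" onsubmit="return(confirm(\'Etes-vous sûr de vouloir modifier le statut de la commande ?\'));">
		<table style="width: 90%;">
			<tr>
				<td><label for="statut">Changer le statut de la commande : </label></td>
				<td><select name="statut" id="statut">';

	// Option values are the position of each status in the list, not its array key.
	$Statuts = GetAllStatuts();
	$i = 0;

	foreach($Statuts as $Statut)
	{
		$HTML .= '
						<option value="' . $i . '">' . htmlspecialchars((string) $Statut, ENT_QUOTES, 'UTF-8') . '</option>';
		$i++;
	}

	$HTML .= '
					</select><br />
				</td>
				<td><input type="submit" name="send" tabindex="3" value="Envoyer"></input></td>
			</tr>
		</table>
	</form>';
	
	return $HTML;
}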

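/**
 * Sends the "your order has shipped" e-mail when the order's status label is
 * 'Commande envoyée'.
 *
 * The customer's first name is stored user input and goes into an HTML body,
 * so it is HTML-escaped before being inserted.
 *
 * NOTE(review): the From/Reply-To headers use service.client@doesnt-exist.com
 * while the body advertises service-client@doesnt-exist.com — confirm which
 * address is the real one.
 *
 * @param array $order Order row; `status` and `id_user` are read.
 *
 * @return int 0 when the status is not "sent" (nothing to do), 1 when mail()
 *             accepted the message, -1 when the user cannot be loaded or
 *             mail() failed.
 */
function SendMailIfOrderSent($order)
{
	if(GetStatutById($order['status']) != 'Commande envoyée')
		return 0;

	$user = GetUserById($order['id_user']);
	if($user == false)
		return -1;

	$mail = $user['mail'];
	$prenom = htmlspecialchars((string) $user['prenom'], ENT_QUOTES, 'UTF-8');

	$Titre = 'Votre commande Doesn\'t Exist a été envoyée !';
	$Text = '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">';
	$Text .= '<html xmlns="http://www.w3.org/1999/xhtml">';
	$Text .= '<head><meta http-equiv="content-type" content="text/html; charset=UTF-8" /></head><body>';
	$Text .= '<p>Bonjour ' . $prenom . ',<br /><br />
					Ça y est votre commande est partie ! Vous la recevrez donc sous peu.<br /><br />
					En attendant, vous pouvez cliquer <a href="http://www.doesnt-exist.com">ici</a> pour décourvrir les nouveautés ou lire nos portraits. Vous pouvez également nous suivre sur facebook en cliquant sur le lien suivant <a href="http://www.facebook.com/DSNTEXST">www.facebook.com/DSNTEXST</a>.<br /><br />
					Si nous pouvons vous être utiles de quelque manière que ce soit, n\'hésitez pas à nous contacter à l\'adresse suivante: <a href="mailto:service-client@doesnt-exist.com">service-client@doesnt-exist.com</a>.<br />
					Pierre</p>';
	$Text .= '</body></html>';

	// Headers are built from constants only; no user-supplied value is placed in them.
	$Headers  = 'MIME-Version: 1.0' . "\r\n";
	$Headers .= 'Content-type: text/html; charset=UTF-8' . "\r\n";
	$Headers .= 'From: service.client@doesnt-exist.com' . "\r\n" .
				'Reply-To: service.client@doesnt-exist.com' . "\r\n" .
				'X-Mailer: PHP/' . phpversion();

	return (mail($mail, $Titre, $Text, $Headers)?1:-1);
}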

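/**
 * Renders a serialized order as an HTML table.
 *
 * The input is a '-'-separated list of lines, each line being
 * "tshirt,quantity,size". Lines that do not have exactly three fields are
 * skipped.
 *
 * The three fields come from the stored order string and were previously
 * written into the markup unescaped. They are now HTML-escaped, and the
 * t-shirt id is URL-encoded where it is used as a query-string value.
 *
 * @param string $orders Serialized order lines.
 * @param mixed  $lien   When truthy, the t-shirt id is rendered as a link to
 *                       cadre_infotshirt.php.
 *
 * @return string HTML table ('<table></table>' when no line is valid).
 */
function MettreEnFormeCommande($orders, $lien)
{
	$HTML = '<table>';

	foreach(explode('-', $orders) as $ligne)
	{
		$details = explode(',', $ligne);
		if(count($details) != 3)
			continue;

		$tshirt   = htmlspecialchars($details[0], ENT_QUOTES, 'UTF-8');
		$quantite = htmlspecialchars($details[1], ENT_QUOTES, 'UTF-8');
		$taille   = htmlspecialchars($details[2], ENT_QUOTES, 'UTF-8');

		if($lien)
		{
			// URL-encode for the query string, then HTML-escape for the attribute.
			$href = htmlspecialchars(rawurlencode($details[0]), ENT_QUOTES, 'UTF-8');
			$str = '<a href="cadre_infotshirt.php?tshirtid=' . $href . '">' . $tshirt . '</a>';
		}
		else
			$str = $tshirt;

		$HTML .= '<tr>
					<td style="border: none;">Tshirt</td>
					<td style="border: none;">' . $str . '</td>
				</tr>
				<tr>
					<td style="border: none;">Quantité</td>
					<td style="border: none;">' . $quantite . '</td>
				</tr>
				<tr>
					<td style="border: none;">Taille</td>
					<td style="border: none;">' . $taille . '</td>
				</tr>
				<tr><td style="border: none;"><br /></td></tr>';
	}
	
	return $HTML . '</table>';
}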

?>